Wireless telecommunications networks and the Internet have made a wide variety of network services readily available to users. Examples of such services include social networking services, banking services, communication services (e.g., email, instant messaging and video calls), etc., which may be accessed from mobile devices, such as smartphones, and non-mobile user devices, such as desktop computers. A pervasive concern in providing network services (also referred to herein as, simply, “services”) is maintaining a level of security that effectively prevents individuals from accessing services unlawfully. Another pervasive concern in providing such services in a fast and convenient manner. For example, when a user attempts to access a particular network service by, for example, attempting to log on to a user account hosted by an application server, the organization in charge of the application server may implement certain authentication procedures.
For example, the application server may require the user to provide valid credentials (e.g., a username and password) in order to ensure that the network service is not accessed by unauthorized users. In some instances, the authentication procedures may also require the user to provide additional information, such as a mother's maiden name, a birthday, a place of birth, etc. While such measures may help ensure the security of the application server, requiring the user to provide extensive authentication information may be cumbersome on the user. As such, the information required to authenticate the user may be limited to, for example, a username, a password, and one more type of information (e.g., a place of birth, a mother's maiden name, a mobile device number (MDN), etc.). In some instances, requiring such information for authentication may be referred to as a two-factor authentication procedure, with the username and password being the first factor and the additional information (e.g., a birth place, a mother's maiden name, etc.) being the second factor.